70 matches found
EUVD-2026-33612
SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. An attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database. This issue affects SOPlanning version 1.55 and below...
CVE-2026-40546
SOPlanning (affected versions 1.55 and earlier) is vulnerable to SQL Injection across multiple endpoints and parameters. An attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control of the database. This is documented under CVE-2026-40546; related CVEs descr...
LinkAce Injection Vulnerability
LinkAce is a self-hosted repository developed by Kevin Woblick, designed to collect links to your favorite websites. Versions of LinkAce prior to 2.5.6 had an injection vulnerability. This vulnerability stemmed from the database configuration process allowing attackers to control databases by...
EUVD-2026-20886
Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database. This issue was fixed in Hydrosystem Control Syst...
CVE-2026-34185
Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database. This issue was fixed in Hydrosystem Control Syst...
CVE-2026-34185
CVE-2026-34185 — SQL Injection in Hydrosystem Control System. Affected product: Hydrosystem Control System. Vulnerability: SQL Injection across most scripts and input parameters due to lack of protections. Impact: With authentication, an attacker can inject arbitrary SQL commands, potentially gainin...
CVE-2026-34185 SQL Injection in Hydrosystem Control System
Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database. This issue was fixed in Hydrosystem Control Syst...
GUnet OpenEclass Access Control Error Vulnerability
GUnet OpenEclass is a learning management system developed by the Greek company GUnet. Version 1.7.3 of GUnet OpenEclass contains an access control vulnerability. This vulnerability stems from the default inclusion of phpMyAdmin 2.10.0.2, which may allow attackers to obtain MySQL passwords and ga...
EUVD-2011-0857
Malware in sbrugna...
EUVD-2016-9189
Malware in sbrugna...
EUVD-2019-16107
Malware in sbrugna...
EUVD-2025-30251
Malicious code in bioql PyPI...
Vasion Print Virtual Appliance Host and Vasion Print Application Security Vulnerability
Vasion Print Virtual Appliance Host and Vasion Print Application are both products of Vasion Corporation of the U.S.A. Vasion Print Virtual Appliance Host is print management software. Vasion Print Application is a printer management application. A security vulnerability exists in Vasion Print...
PT-2025-38610
Name of the Vulnerable Software and Affected Versions: Vasion Print Virtual Appliance Host versions prior to 22.0.843; Vasion Print Application versions prior to 20.0.1923. Description: Vasion Print contains dangerous PHP dead code in multiple Docker-hosted PHP instances. A script located at...
CVE-2025-40628 SQL Injection in DomainsPRO
SQL injection vulnerability in DomainsPRO 1.2. This vulnerability could allow an attacker to retrieve, create, update and delete databases via the “d” parameter in the “/article.php” endpoint...
CVE-2025-43949
MuM MapEdit (mapedit-web) 24.2.3 is affected by a SQL injection vulnerability (CVE-2025-43949). The available data state that an attacker can execute malicious SQL statements that control the web application's database server. The issue has a CVSS v3.1 base score of 9.8 (CRITICAL) with network at...
SiberianCMS SQL Injection Vulnerability (CNVD-2024-35164)
SiberianCMS is an enterprise-level content management system that offers a variety of features for creating and managing web content. SiberianCMS suffers from a SQL injection vulnerability that originates from the system failing to properly neutralize special elements in SQL commands. The...
Navigating SQL Injection Vulnerabilities with DAST for Modern AppSec
The digital landscape is continuously evolving, and with it, the strategies for safeguarding our applications against vulnerabilities. In a recent advisory, CISA & the FBI have highlighted the critical importance of conducting thorough reviews of code and supply chains. The aim is to unearth any...
SUSE CVE-2015-4735
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management...
CVE-2022-36962
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands...